Netfilter is a set of hooks in the Linux kernel that allows interaction between kernel modules and the network stack. Iptables is a framework which allows for the definition of rules that make use of these hooks.